Client side cross site scripting is restricted till before Firefox 3.5. With Firefox 3.5 there are a couple of new headers introduced to provide safe cross site scripting: Origin and Access-Control-Allow-Origin.
For more details : Http access control
Also read Server side access control
No comments:
Post a Comment